Cloud Security - Reality or Illusion
-
Upload
srinivas-thimmaiah -
Category
Internet
-
view
28 -
download
5
Transcript of Cloud Security - Reality or Illusion
![Page 1: Cloud Security - Reality or Illusion](https://reader035.fdocuments.us/reader035/viewer/2022062523/58f9b4221a28ab12648b457d/html5/thumbnails/1.jpg)
1
Cloud SecurityReality or Illusion
By: Srinivas ThimmaiahDate: 11 Mar 2017
Srinivas Thimmaiah | Cloud Security | 11 Mar 2017
![Page 2: Cloud Security - Reality or Illusion](https://reader035.fdocuments.us/reader035/viewer/2022062523/58f9b4221a28ab12648b457d/html5/thumbnails/2.jpg)
About me
Srinivas Thimmaiah | Cloud Security | 11 Mar 2017 Page 2
An seasoned Information Security professional, speaker & blogger having around 13+ years of rich and insightful work experience in the areas of Information Security Assurance, Governance, Risk Management, BCM, Supplier Management, Awareness, IT Security, operational excellence and also in influencing team members and management.
CISM, ISO 27001 certified, CISCO certified Information Security & IT Security experienced professional.
![Page 3: Cloud Security - Reality or Illusion](https://reader035.fdocuments.us/reader035/viewer/2022062523/58f9b4221a28ab12648b457d/html5/thumbnails/3.jpg)
Agenda Cloud Ecosystem
What is Cloud computing Cloud services Deployment models
Cloud adoption trends 2017 Cloud Risks Conclusion
Srinivas Thimmaiah | Cloud Security | 11 Mar 2017 Page 3
![Page 4: Cloud Security - Reality or Illusion](https://reader035.fdocuments.us/reader035/viewer/2022062523/58f9b4221a28ab12648b457d/html5/thumbnails/4.jpg)
Cloud EcosystemCloud computing is the delivery of computing services—servers, storage, databases, networking, software, analytics and more—over the Internet (“the cloud”).
Srinivas Thimmaiah | Cloud Security | 11 Mar 2017 Page 4Source: Microsoft
Rapid Elasticity
Broad Network Access
Measure service On-demand self-service
Resource pooling
Characteristics of Cloud Computing
![Page 5: Cloud Security - Reality or Illusion](https://reader035.fdocuments.us/reader035/viewer/2022062523/58f9b4221a28ab12648b457d/html5/thumbnails/5.jpg)
Cloud Ecosystem
Srinivas Thimmaiah | Cloud Security | 11 Mar 2017 Page 5
Cloud Service Models
Infrastructure as a Service
Platform as a Service
Software as a Service
Application platform or middleware as a service on which developers can build and deploy custom applications
Compute, storage, IT infra as a service, rather than as dedicated capability
End-user applications delivered as a service rather than on-premises software
SaaS (consume)
PaaS (build)
IaaS (host)
![Page 6: Cloud Security - Reality or Illusion](https://reader035.fdocuments.us/reader035/viewer/2022062523/58f9b4221a28ab12648b457d/html5/thumbnails/6.jpg)
Cloud Ecosystem
Srinivas Thimmaiah | Cloud Security | 11 Mar 2017 Page 6
Public Private
CommunityHybrid
Cloud Deployment Models
![Page 7: Cloud Security - Reality or Illusion](https://reader035.fdocuments.us/reader035/viewer/2022062523/58f9b4221a28ab12648b457d/html5/thumbnails/7.jpg)
Cloud Ecosystem
Srinivas Thimmaiah | Cloud Security | 11 Mar 2017 Page 7
PublicPrivate
CommunityHybrid
Cloud Deployment Models Provisioned by general public Exists on the premise of the
cloud provider May be owned, managed by
business, government or a combination
Organizations
Zoho
SalesforceMicrosoft
AmazonYahoo
Rackspace
![Page 8: Cloud Security - Reality or Illusion](https://reader035.fdocuments.us/reader035/viewer/2022062523/58f9b4221a28ab12648b457d/html5/thumbnails/8.jpg)
PublicPrivate
CommunityHybrid
Cloud Ecosystem
Srinivas Thimmaiah | Cloud Security | 11 Mar 2017 Page 8
Cloud Deployment Models Provisioned for single
organization May exist on or off site May be managed by organization
or outsourced
![Page 9: Cloud Security - Reality or Illusion](https://reader035.fdocuments.us/reader035/viewer/2022062523/58f9b4221a28ab12648b457d/html5/thumbnails/9.jpg)
Cloud Ecosystem
Srinivas Thimmaiah | Cloud Security | 11 Mar 2017 Page 9
Public Private
CommunityCloud
Hybrid
Provisioned for exclusive use by a specific community
May be managed by one or more of the community organizations
May be managed by community organization or outsourced
Cloud Deployment Models
Community of Organizations
![Page 10: Cloud Security - Reality or Illusion](https://reader035.fdocuments.us/reader035/viewer/2022062523/58f9b4221a28ab12648b457d/html5/thumbnails/10.jpg)
Cloud Ecosystem
Srinivas Thimmaiah | Cloud Security | 11 Mar 2017 Page 10
Public Private
CommunityHybrid Combination of two or
more distinct cloud infrastructures
Cloud Deployment Models Public Cloud
Private Cloud
Organization
![Page 11: Cloud Security - Reality or Illusion](https://reader035.fdocuments.us/reader035/viewer/2022062523/58f9b4221a28ab12648b457d/html5/thumbnails/11.jpg)
Cloud adoption trends of 2017
Srinivas Thimmaiah | Cloud Security | 11 Mar 2017 Page 11Source: Rightscale 2016 State of the Cloud Report
Public Cloud Private Cloud Hybrid Cloud Any Cloud
88% 89% 89%
63%
77%72%
58%
71%67%
93% 95% 95%
![Page 12: Cloud Security - Reality or Illusion](https://reader035.fdocuments.us/reader035/viewer/2022062523/58f9b4221a28ab12648b457d/html5/thumbnails/12.jpg)
Cloud Risks
Srinivas Thimmaiah | Cloud Security | 11 Mar 2017 Page 12
Risks
Policy & Organization Risks Technical Risks Legal Risks
Generic Risks
Source: csaguide
![Page 13: Cloud Security - Reality or Illusion](https://reader035.fdocuments.us/reader035/viewer/2022062523/58f9b4221a28ab12648b457d/html5/thumbnails/13.jpg)
Cloud Risks
Srinivas Thimmaiah | Cloud Security | 11 Mar 2017 Page 13
Lock-in
Loss of governanceCompliance challenges
Loss of business reputation due to cotenant activities
Cloud service termination or failure
Cloud provider acquisition
Supply chain failure
Policy & Organization
risks
Source: csaguide
![Page 14: Cloud Security - Reality or Illusion](https://reader035.fdocuments.us/reader035/viewer/2022062523/58f9b4221a28ab12648b457d/html5/thumbnails/14.jpg)
Cloud Risks
Srinivas Thimmaiah | Cloud Security | 11 Mar 2017 Page 14
Resource exhaustion (under or over provisioning)
Isolation failure
Cloud provider malicious insider – abuse of high privilege roles
Management interface compromise (manipulation, availability of infrastructure)
Intercepting data in transit
Insecure of ineffective deletion of data
Data leakage on up/download, intra-cloud
Distributed denial of service (DDOS)
Economic denial of service (EDOS)
Loss of encryption keys
Undertaking malicious probes or scans Compromise server engine
Technical risks
Source: csaguide
![Page 15: Cloud Security - Reality or Illusion](https://reader035.fdocuments.us/reader035/viewer/2022062523/58f9b4221a28ab12648b457d/html5/thumbnails/15.jpg)
Cloud Risks
Srinivas Thimmaiah | Cloud Security | 11 Mar 2017 Page 15
Risk from changes of jurisdiction
Licensing risks Data protection risks
Subpoena and e-discovery
Legal risks
Source: csaguide
![Page 16: Cloud Security - Reality or Illusion](https://reader035.fdocuments.us/reader035/viewer/2022062523/58f9b4221a28ab12648b457d/html5/thumbnails/16.jpg)
Cloud Risks
Srinivas Thimmaiah | Cloud Security | 11 Mar 2017 Page 16
Modifying network traffic
Privilege escalation
Loss or compromise of security logs
Network management (i.e, network congestion/mis-connection/non-optimal use)
Backup lost, stolen
Unauthorized access to premises
Natural disasterTheft of computer equipment
Network breaks
Social engineering attacks
Loss or compromise of operational logs
Generic risks
Source: csaguide
![Page 17: Cloud Security - Reality or Illusion](https://reader035.fdocuments.us/reader035/viewer/2022062523/58f9b4221a28ab12648b457d/html5/thumbnails/17.jpg)
Conclusion
Srinivas Thimmaiah | Cloud Security | 11 Mar 2017 Page 17
Effective onboarding process Vendor analysis Risk management Contract Management
Justification for cloud adoption
Re-visit the services
Monitoring the services
Source: From Body to Spirit; From Illusion to Reality
![Page 18: Cloud Security - Reality or Illusion](https://reader035.fdocuments.us/reader035/viewer/2022062523/58f9b4221a28ab12648b457d/html5/thumbnails/18.jpg)
Srinivas Thimmaiah | Cloud Security | 11 Mar 2017 Page 18
![Page 19: Cloud Security - Reality or Illusion](https://reader035.fdocuments.us/reader035/viewer/2022062523/58f9b4221a28ab12648b457d/html5/thumbnails/19.jpg)
Srinivas Thimmaiah | Cloud Security | 11 Mar 2017 Page 19
![Page 20: Cloud Security - Reality or Illusion](https://reader035.fdocuments.us/reader035/viewer/2022062523/58f9b4221a28ab12648b457d/html5/thumbnails/20.jpg)
Srinivas Thimmaiah | Cloud Security | 11 Mar 2017 Page 20
https://www.google.co.in/search?q=road+with+car&biw=1920&bih=935&source=lnms&tbm=isch&sa=X&ved=0ahUKEwiGx-W6va_SAhVI_iwKHULgBTwQ_AUIBigB#tbm=isch&q=cloud+security+icon&*&imgrc=QnwqNekhOpC6-M:
https://www.google.co.in/search?q=road+with+car&biw=1920&bih=935&source=lnms&tbm=isch&sa=X&ved=0ahUKEwiGx-W6va_SAhVI_iwKHULgBTwQ_AUIBigB#tbm=isch&q=cars+on+highway&*&imgrc=WRHPKYuTO2knwM:
References